Risk Management: A Shared And Distributed Function

Article views

1391

VIEWS

I often serve as an extension of our client’s risk management team. Recently, I visited a client site to implement a continuity program focused on manufacturing recovery. Approaching new sites can be a challenge, particularly for recently established programs. I’m always reminded that first impressions - of people and of programs - are lasting, and it’s not easy to spark engagement and support from local teams. In my experience, here’s what works in winning them over:

Instill confidence

Every site leader wants to be confident in their ability to manage threats. But probably few are actually certain of what to do if some somewhat-unlikely-but-still-probable event were to happen, by no fault of their own. Managing risk is a tough job - and too often takes a backseat priority to more pressing strategic goals, such as maintaining profits and revenue.

Our job in risk management is to support these leaders by reminding them that their job as a leader isn’t necessarily to have all the answers, but rather to instill certain objectives among their team, train the appropriate staff, and empower them with simple resiliency options and decision-making authority. In doing so, risk management becomes a shared and distributed function.

Be unexpected

When people walk into a meeting scheduled as 'Risk Management Training, 'they likely expect a routine lecture or presentation. They’re certainly not expecting to plot against team members in Attackers and Defenders™ or roll the dice in the Masters of Disaster board game.

Yet these types of activities facilitate an atmosphere conducive to learning. Just as in childhood, we learn best in social environments where we can interact with others and engage with the topic at hand. Cognitive science also tells us that information is more likely to be 'sticky' and stay top of mind when it’s hands-on and applicable. That’s why we use interactive activities to drive team discussion and learning, and yes - even to facilitate data collection and analysis.

At its worst, planning for risk can be dull and tedious. But at its best, it can be meaningful, create buy-in, and inspire action.

Reveal the real risk

Site leaders need reasons for why they should invest their limited time and resources right now—not next quarter, not next year. They’re not going to be too concerned about fires, floods, equipment outages, or other threats they’re accustomed to dealing with.

For most companies, the real threat is the failure to share knowledge internally, and losing the experience of existing employees with tacit knowledge. These are the people who know the intricacies of the business, and every piece of equipment inside and out. Tacit knowledge is difficult to replace and transfer; it’s expertise that’s gained through years of company experience,

Relying on these seasoned employees has allowed certain companies to operate without a formal crisis management or business continuity program. It’s a huge dependency: once these employees retire, their teams will suffer a massive gap. The key to building tacit knowledge is providing regular training that will allow more junior team members to gain experience and practice decision-making in a low-stakes environment.